Norwegian Security Service Wants Details Of Citizens' Web Comments Retained For Six Months

from the anything-else? dept

Governments around the world are seeking to monitor more and more of their citizens' online activities -- and it's not just the most obviously repressive regimes doing this. In the US, there is CISPA, while the UK is drawing up the Communications Capability Development Programme. Thomas Steen alerts us to a further escalation of this desire to spy on the public, in Norway. The secret service there (known by the acronym PST) want details about comments posted on all Web sites retained (via Google Translate):

"This will make it possible to identify which IP address to publish a given post at a particular time," writes PST letter also signed the acting chief Roger Berg.

The current requirement is to store information detailing where, when, how and with whom Norwegians communicate using the phone, mobile or e-mail. The latest proposal would be a major extension to that, since it would require data about highly personal content to be stored. Here's how the PST would access that information:

If it becomes subject to compulsory saving for six months, it will mean that the district court, upon request from the PST, may require that those who have online discussion must submit the information about who wrote a given post and when it was done.

In addition, prosecutors called a "rush of competence" in cases where data is needed very quickly. Then the police and PST require data directly from the supplier, but as the court approve it afterwards.

Aside from that retrospective approval for data grabs, the other worrying aspect of this proposal from the Norwegian secret service is that, if implemented, it would establish a precedent that other countries may seek to follow.

What are our governments afraid of?

I forget who said this, "That government which cannot trust it's citizens can itself no longer be trusted" but it has never been more true than today. Every government in the world it seems, is starting to spy on its own citizens. My question is, who is going to protect us from the government?

this intrusion into peoples lives is disgraceful. 9/11 was a despicable act committed by despicable people (if they can be called that) but even without the devastating loss of life and lives ruined, the terrorists have created such paranoia in the brains of US government and law enforcement that they have achieved all they wanted and more. they have then spread this paranoia everywhere making it worse than the most infectious of diseases. surely, there are not so many terrorists and criminals that warrant total surveillance on every citizen in the world on a 24/7 basis!

I think that it's time

for citizens of all governments to start demanding that details of all their politicians and government officials statements be recorded, saved, and indexed. Whether those statements be uttered in their official capacity, in semi-official functions, or while running for (re)election, and statement made at a podium, microphone, press function, etc., should become part of their record, made available, and used to help ensure that they are true to their word and duties. It's cheap and easy these days, what with speech recognition technology and crowd sourcing, and hey, what's the harm - if they're not lying, misleading, or acting against their mandates, then they shouldn't fear something like this.

The strange thing about the norweigian legislation is that it seems to give the authority that's appointed to oversee the data retention the power to extend the obligation to retain traffic data to new parties. One would think that the parliament or at least the government would have to give its approval to such restrictions of fundamental human rights.

So what PST is doing here is making a request to this authority (PT) to extend the obligation to retain data. And it's not just internet communities and chats either. PST wants to extend the obligation to IP-adress data to internet cafés and it wants ISPs that use NAT to store the URLs that people access.

Btw. in Sweden the police requested that the geographical position of people who make a mobile phone call should be registered every minute to track the movement of the person. Thankfully the government disagreed and the data is now to be stored "only" at the start and end of the phone call. We can only hope that this PST request ends up being rejected too. I think that's quite likely since the EU data retention directive introduces no obligations for providers of services over the internet (eg. webmail, IP-telephony, etc) unless they are offered by a company that also provides internet access or physical network infrastructure. So internet communities and such are not covered and although the PST seems to pretend otherwise it should be clear to most people that this is a quite massive extension of what the directive says.

Re: I think that it's time

"This will make it possible to identify which IP address to publish a given post at a particular time," writes PST letter also signed the acting chief Roger Berg.

A. No, it won't.

B. Even if it did, it won't reliably identify which computer was at that address.

C. Even if it did, it won't reliably identify which person was sitting at that computer.

D. Even if it did, it won't reliably identify who's responsible for that post.

It continues to boggle my mind (although by now it probably shouldn't) that legislators, politicians, judges, lawyers, pundits, and even some IT people are not FULLY aware of the bot/zombie epidemic, of its scope, and of the direct impact of that on issues just like this one. We're now (roughly) a decade into it; there are thousands of articles, blog posts and research papers about it; it's the single largest security problem (by size) on the Internet; and yet these idiots are either (a) blissfully unaware of it or (b) pretending it doesn't exist.

There are days that I think I should just skip the coffee and go straight to scotch.

Commenting is difficult enough already.

This site is one of the few that allows simple commenting. The trend is to forbid comments until the commenter provides personal information; email address, facebook id, whatever. That, of course, establishes a "business relationship" and the information may be used to spam, telemarket or just pester in novel ways. The information can likewise be sold to even worse "business partners". So, for many, comments are not only tied to their authors already, they are producing negative results.

And all to get on a page that states "999 comments, here are 3". Oh, did you want to see more? OK, here are a few more and some additional ads. And long comments require clicking on "more" to make sense of the post. You wonder if the cops will get the short version or the long one.

Re:

I agree. So far I found the developments worrying, but not bad enough to actually use anonymous and encrypted services all the time. However, I'm really starting to think more and more often that I should be using those exclusively for browsing the web now.

It's a sad day when law-abiding citizens are forced into hiding their activities.

It will not be long until they demand video and audio surveillance throughout everyones' homes. They already eavesdrop on-hook cellphones and landlines. Your big screen tv will soon have video cameras dispersed throughout the screen so you can't cover it with duct tape. There are ways to block these intrusions, however the average person lacks the skills, knowledge and/or drive to implement them - it will probably be illegal soon to do so. George was off by about forty years huh. What a wonderful future we have to look forward to.

Someone's been going thru my email,tweets and Facebook accounts for years.They know every intimate detail of my life!All my private thoughts...I'm an open book.
Of course, my divorce lawyer said that maybe I shouldn't have trusted her with all those passwords!
I don't see how the government knowing all this stuff (and they do now) could be any worse!

Re:

Re:

I agree with you, these people don't know much.
Reminds me about the days of SOPA when I was thinking that if it passed we would see a new type of attack aimed at your competition. Instead of taking their websites down just post some infringing material and then stand aside and watch your competition being dragged into court for copyright violation.
Considering that SOPA proposed that all services to the infringing website should bee blocked from day one your competition sized to exist.
Ah... the beauty of it. Too bad some idiots started protesting against it. They clearly did not see the posibilities :))

Go ahead, save this

There can be only one reason to push such absurd shit. They do it non stop then when something that's shit in a normal persons eyes is not anymore use to seeing all this other shit going on. One crack a time till we're all slaves of the system with zero rights. By the time people stand up to fight there will be enough little shit passed to prevent it and they will be able to gain more and more momentum :(

When stuff like Utøya happens, people get scared and start calling for initiatives like this. They even mention Breivik in the article. Not that I agree this is a good idea but perhaps it can explain a bit why stuff like this is proposed.

Re: Re:

No, but it is part of the EEA. The request by PST is directly related to the norweigian implementation of the EU data retention directive. It seems to be a bit uncertain to what degree Norway is bound by the directive (some analysis in norwegian can be found here).

Re:

I disagree with you on A. If you store the IP address then of course it will be possible to retrieve it later. How much it will tell you is another matter.

Please note that PST may not be interested in the data for the purpose of prosecution but for further investigations. I wouldn't rule out that it might be useful in some cases, but it's still a totally unbalanced proposal that restricts basic human rights in an unacceptable way.

Hate speech and data retention

Some of you may not know that Norway has so-called hate speech laws on the book. It's a very vague law providing for fines and imprisonmen for speech which is offensive without inciting to violence.

Any argument for data retention in relation to crime prosecution must take in to account the extend to which the state already bans speech..
The more speech is illegal, the greater the benefit of data retention.

Re:

Governments need to go back to what they were originally intended for, referring!
You don't go to an sports event expecting to see the referee takeing part, except to give an impartial decision on something both parties are willing to accept
You don't expect a referee to tell a football player that he can't kick a ball a certain way because of ........................terrorists.......pshh

200 years and out

For the majority of history governments ruled with an iron fist, mostly for the benefit of the rulers. This 200+ year flirtation with government for the people may be simply an aberration that is soon to be just a footnote in history.

Smaller government was again rejected in the USA, as seems to be the case in other countries.